Python&Java互通rsa加密解密

記錄一次項目使用RSA加解密

項目使用Java和Python在開發，RSA加密解密互通代碼：

Python代碼

# -*- coding: utf-8 -*-
"""
RSA加解密
"""
import base64
from M2Crypto import BIO, RSA

with open("public_key.pem", 'r') as f:
    pubkey = f.read()
with open("private_key.pem", 'r') as f:
    prikey = f.read()

# 加密
text = "ABCDEF".encode('utf-8')  # 明文
pub_bio = BIO.MemoryBuffer(pubkey.encode('utf-8'))  # 公鑰字符串
pub_rsa = RSA.load_pub_key_bio(pub_bio)  # 加載公鑰
secret = pub_rsa.public_encrypt(text, RSA.pkcs1_padding)  # 公鑰加密
sign = base64.b64encode(secret)  # 密文base64編碼
print(sign)

# 解密
b64_sign = "uhBqhevT0E5+WT++HX+pGzSy7YGskBQODuvoV+hf0k8cSyXG/GuAT4LKYaCiT9qiEGlbWxCIH51Qt1s0y2X56TbNja93AbzXiFWzsC2H6vwo3ZFcoj+YqUBsax+Gad0I6NME9lalpKsPtWqi4W/b3VbG5Mx+WBJ+L17GR7ZvWMo=" # base64密文
cipher = base64.b64decode(b64_sign)  # base64解碼
pri_bio = BIO.MemoryBuffer(prikey.encode('utf-8'))  # 加載私鑰
pri_rsa = RSA.load_key_bio(pri_bio)
plain = pri_rsa.private_decrypt(cipher, RSA.pkcs1_padding)  # 解密
print(plain.decode('utf-8'))

Java代碼

import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

import javax.crypto.Cipher;

public class rsa_demo {
    
    public String encryptoMode ="RSA/ECB/PKCS1Padding";
    //public String encryptoMode ="RSA/ECB/NoPadding";

    private String priKey="私鑰字符串";
    
    private String pubKey="公鑰字符串";
    
    public String sign_str = "123456" ;
     /***
      * 祕鑰的來源方式 openssl 生成
      */
     
     /**
      * 得到公鑰
      * @return
     * @throws NoSuchAlgorithmException 
     * @throws InvalidKeySpecException 
      */
     private PublicKey getPublicKey(String pubKeyString) throws NoSuchAlgorithmException, InvalidKeySpecException {
         byte[] pubKeyByte = Base64.getDecoder().decode(pubKey);
         X509EncodedKeySpec spec = new X509EncodedKeySpec(pubKeyByte);
         KeyFactory keyFactory = KeyFactory.getInstance("RSA");    
         PublicKey pubkey = keyFactory.generatePublic(spec); 
         return pubkey;
     }
     /**
      * 得到私鑰
      * @return
      */
     private PrivateKey getPrivateKey(String priKeyString) throws NoSuchAlgorithmException, InvalidKeySpecException {
         byte[] priKeyByte = Base64.getDecoder().decode(priKey);
         PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(priKeyByte);
         KeyFactory keyFactory = KeyFactory.getInstance("RSA");    
         PrivateKey priKey = keyFactory.generatePrivate(spec);    
         return priKey;
     }
     
     /**
      * 公鑰加密 （私鑰加密）
      */
     public String encrypto(String text,Key key) {
         try{
                Cipher cipher = Cipher.getInstance(encryptoMode);
                cipher.init(Cipher.ENCRYPT_MODE, key);
                byte tempBytes[] = cipher.doFinal(text.getBytes());
                String secretText=Base64.getEncoder().encodeToString(tempBytes);
                return secretText;
            }catch(Exception e){
                throw new RuntimeException("加密字符串[" + text + "]時遇到異常", e);
            }
     }
     /**
      * 私鑰解密（公鑰解密）
      * @param secretText
      */
     public String decrypto(String secretText,Key key) {
         try{
                //生成公鑰
                Cipher cipher = Cipher.getInstance(encryptoMode);
                cipher.init(Cipher.DECRYPT_MODE, key);
                // 密文解碼
                byte[] secretText_decode = Base64.getDecoder().decode(secretText.getBytes());
                byte tempBytes[] = cipher.doFinal(secretText_decode);
                String text=new String( tempBytes);
                return text;
            }catch(Exception e){
                throw new RuntimeException("解密字符串[" + secretText + "]時遇到異常", e);
            }
     }
    /**
     * 因爲每次公鑰 加密出來的結果都不同，全部python java 每次加密出來的結果都不同，也就沒有可比性。咱們只考慮能解密就行 
     * @param args
     */
    public static void main(String[] args) throws Exception {
        
        rsa_demo rsa = new rsa_demo();
        System.err.println("明文:"+rsa.sign_str);
        PublicKey pubkey = rsa.getPublicKey(rsa.pubKey);
        PrivateKey prikey = rsa.getPrivateKey(rsa.priKey);
        String secretText = rsa.encrypto(rsa.sign_str,pubkey);//公鑰加密，私鑰解密
    
        secretText="Lm9PN4oM1dl17d2XFYRIs+hDV6RkGPVYBjgYAglaj020v5RnYzClHUN6lOVBzpeYKyH1MY5JzyOfxuYZHKCupVqhcvY4+zx+jowBH2nbVp1+/OrzuiPkNivfvmEad6ImAZp5/3Y/dVafABm5xZE78j7Ytlv0ak4seXMGTisU39o=";
        System.out.println("密文:"+secretText);
        String text =  rsa.decrypto(secretText,prikey);
        
        System.out.println("明文:"+text);
        
    }
    
    
}

note

1 公鑰私鑰:使用openssl生成pkcs#1格式的公鑰私鑰pem文件。python直接使用該密鑰；Java須要轉換爲pkcs#8格式公鑰私鑰，密鑰字符串不須要BEGIN/END。
2 python能夠將公鑰私鑰的字符串直接保存使用，避免每次讀pem文件。
3 M2Crypto庫安裝會有環境問題，centOS直接pip安裝成功，Ubuntu安裝失敗。